How To Create SSH / SFTP User in Ubuntu Lightsail

In this video, I show you another way to create a system user on your Lightsail server. I had recently made a video on creating an alias user for providing someone else access to a Lightsail server. This video will slightly modify those steps. Instead of an alias user, we will setup a completely separate user account and configure that user to be able to login via ssh/sftp to your server with their own public/private keys.


  1. Create a new user on your server with the following command. This will create the home directory as well like: /home/USERNAME/ (replace USERNAME with the name of the user you want)
    • sudo useradd -s /bin/bash -m USERNAME
  2. Add the username USERNAME to the daemon group
    • sudo usermod -G daemon USERNAME
  3. Set the HOME environment variable for that user to the WordPress directory installation so when you SSH to your server using the new USERNAME, it will directly log on into the directory instead of /home/USERNAME/. To enable this, add the following line at the end of the /home/USERNAME/.bashrc file
    • sudo vi /home/USERNAME/.bashrc
    • export HOME="/opt/bitnami/apps/wordpress/htdocs"
    • cd ${HOME}
  4. Generate Public/Private keys
    • sudo mkdir -p /home/USERNAME/.ssh
    • cd /home/USERNAME/.ssh
    • sudo ssh-keygen
  5. You will be prompted to enter the path of the file to save the keys. Give the following path
    • /home/USERNAME/.ssh/username
  6. Add the content of the user’s public key file to autorized_keys file. In this example, the user’s public key is assumed to be in
    • sudo bash -c 'cat >> authorized_keys'
    • Be sure you are in the /home/USERNAME/.ssh folder when you run the above command.
  7. Modify file permissions
    • sudo chmod 700 /home/USERNAME/.ssh
    • sudo chmod 600 /home/USRENAME/.ssh/authorized_keys
  8. Set USERNAME as the owner of the .ssh directory and its contents
    • sudo chown -R USERNAME:USERNAME /home/USERNAME/.ssh
  9. Now try the connection using your favorite SSH client.

Now you should be able to SSH into your server with the newly created USERNAME user with the SSH private key you have.

If you need to convert the .PPK file to .PEM or OpenSSH file do the following

  1. Open PuttyGen on Windows. If you don’t have it download it from
  2. Load your PPK file
  3. Once you PPK key file has been imported, select Conversions -> Export OpenSSH Key
  4. Save your private key as USERNAME.pem
  5. Select Save public key in the main window. Name the key